swcurran
commented
2 years ago Yes -- although it depends on the verifiable credential format you are using. Some ideas:
In all the ACA-Py formats (W3C, AnonCreds), you can add an expiration date, but there is not any cryptographic processing handled automatically by general presentation processing libraries. In other words, it is up to the verifier to note an expiration date and use it.
In W3C VCs, the expiration date is a field in the credential metadata: https://www.w3.org/TR/vc-data-model/#expiration. Since this is just a data model, the meaning and format of the field is clear, but it is up to the user to process it.
In AnonCreds, the mechanism would be to add an expiration date field in the credential -- there is not a set "expiration" metadata field to use. Verifiers would "know" what to do with the field, just as they must do with all the fields. Verifiers would learn about this from a governance document published by either the schema publisher or the issuer of the verifiable credentials. The verifier would request the field, and determine if the verifiable credential was valid. There is some good handling that can be done on date (vs. date/time) expiration (see this), but they are likely not useful in your use case.
Hope that helps.
For Covid-19 PCR tests, the validity of the result is only 72 hours. If this was issued as a credential, is there any way to set an indicator that it is not valid after this time has passed? Basically, can we issue a credential with a validity period?